User:Zarutian/Authorization Certificates

From Erights

An receptionist (an object), that is reachable via an sturdyref,
receives an sequence of authorization certificates.

An certificate is an tuple of issuer, instructions and signature of those two by the issuer.
An issuer in above is simply an public key (or fingerprint of the key to identify it).
The private key counterpart of that key is used to sign the certificate.

The receptionist has an mapping of issuers to avatar objects.

For each certificate in an sequence
the receptionist checks the signature of the certificate
if invalid then an exception is thrown
the receptionist then checks if it has an issuer to avatar mapping
if not then an exception is thrown
then the receptionist invokes the avatar object and passes it the instructions in the cert
the avatar object then interprets those instructions as its programer sees fit.

An facet of the receptionist handles introductions of new issuers and construction of avatar
objects for those issuers. (Some such introductions wouldn't out live the session of the current
sequence).

One type of certificate would be an online challenge-response requesting certificate
where an capability to the requester would be passed to an avatar object if it succeeds.